Distribution of cryptographic keys forms the basis for protection of both data and networking resources in any network. Privacy, integrity, and authenticity are key capabilities identified as requirements for sensor networks, particularly those used in sensitive applications, such as healthcare. Sensor networks are networks of embedded devices (often wireless, resource-constrained, battery-powered, and composed in an ad hoc and/or multi-hop communication topology) that provide a distributed interface between the physical world and the digital world. Sensor networks sense information about people, places, and environments, make that information available to computers and people, and sometimes perform automated actuation. Providing these capabilities for sensor networks is challenging. Existing key distribution architectures tend to introduce overheads that are too high for the low power nodes that are typical. In addition, the ad hoc networks that are typical in some sensor network applications require extremely flexible and dynamic solutions.
Typical existing public key infrastructures (PKIs) provide robust and widely deployable key distribution schemes to enable privacy and authentication in a distributed system. However, public key cryptography introduces a high computation and energy consumption overhead, and thus must be used sparingly (if at all) in sensor networks. Therefore, current security proposals for sensor networks typically focus on symmetric cryptography, in which either each node shares a secret key with another node (pair-wise shared secret key) or the whole cluster of nodes share the same secret key (group key). These shared keys are pre-distributed or pre-configured at the time of deployment and often remain fixed throughout the entire lifetime of the application.
Use of symmetric keys, with either dynamic key distribution or key pre-distribution, may have several disadvantages:
Inflexible Keying of Symmetric Keys.
While symmetric group keys are lightweight in terms of computation and memory requirements, they do not identify the packet originator (every node shares the same secret key). Pair-wise symmetric keying allows authentication of packet originators, but the memory requirement to store all pair-wise keys on each sensor node simply does not scale with network size.
Vulnerability of Pre-Distributed Keys to Eavesdropping and Cryptanalysis.
Since key length is typically limited to save overhead in extremely resource-constrained devices and the key is fixed throughout the application lifetime, these systems tend to be vulnerable to exhaustive search attack or semantic analysis of intercepted packets.
Not Adaptive to Changes in Network Topology.
Secure addition of a new node into a network typically introduces significant communication overhead, especially when the network is large. A network that uses pre-distributed pair-wise keys is typically limited to a fixed member set.
Thus, there is a need for a key distribution and management method for sensor networks.